- From: Olli Pettay <Olli.Pettay@helsinki.fi>
- Date: Tue, 15 Nov 2011 21:41:26 +0200
- To: Jonas Sicking <jonas@sicking.cc>
- CC: Anne van Kesteren <annevk@opera.com>, Webapps WG <public-webapps@w3.org>, "olli@pettay.fi" <olli@pettay.fi>
On 11/15/2011 09:33 PM, Jonas Sicking wrote: > On Tue, Nov 15, 2011 at 4:22 AM, Anne van Kesteren<annevk@opera.com> wrote: >> On Mon, 14 Nov 2011 17:55:25 +0100, Jonas Sicking<jonas@sicking.cc> wrote: >>> >>> Yes, I think cross-origin should not work with sync. That is currently the >>> only synchronous communication mechanism cross origin. Without it a UA >>> could put up UI if it wants to explicitly allow users to control such >>> communication. >> >> Eww. But you agree with my suggestion about exceptions? I can put that in >> the specification and push to get it implemented in Opera, but it would help >> if you said you agreed with the specifics to avoid surprises down the road. > > So if I understand the proposal correctly: > > After .open has been called with async=false: > * setting .responseType to anything other than "" throws InvalidAccessError > * setting .wirthCredentials to true throws InvalidAccessError > > Additionally, when calling .open with async=false, throw > InvalidAccessError if .responseType is set to anything other than "" > or .withCredentials is true. > > If that's the proposal, then this sounds good to me. Sounds good to me to. Also, if xhr is sync, accessing .response or responseType could throw > > / Jonas > >
Received on Tuesday, 15 November 2011 19:42:38 UTC